FINRA Publishes Its Annual Report on Examination Findings

On December 7, FINRA published its Report on 2018 Examination Findings1 (the “Report”). This is the second year that FINRA issued a summary of its observations from recent examinations. This Report, read in conjunction with FINRA’s Annual Regulatory and Examination Priorities Letter2, is worthy of attention as a roadmap of FINRA’s priorities, with highlights based on significance, frequency and impact on investors and the markets. This year the Report focused on suitability for retail customers, fixed income mark-up disclosures, reasonable diligence for private placements and abuse of authority. The Report also discussed a case study that highlights examination findings from a sweep of volatility-linked products and advised on concerns in additional regulatory areas.

Highlighted Observations

Suitability for Retail Customers

The Report highlighted several examination findings under its suitability rule, 21113, notably of great interest for FINRA and the industry as it relates to the firm-investor relationship and investor protection. Proposed Regulation Best Interest raises similar issues as those raised in the examination findings. The Report discussed situations where registered representatives failed adequately to consider the appropriate factors, for example financial situation, investment experience and investment objectives, in determining if an investment is suitable for an individual. 2018 was no exception to FINRA’s ongoing concern with unsuitable recommendations in complex products and the Report identified leveraged and inverse exchange-traded products (ETPs), including exchange-traded funds (ETFs) and notes (ETNs). The Report also noted sales practice abuses in illiquid securities (such as non-listed REITs), variable annuities, mutual fund share classes and Unit Investment Trusts (UITs). The Report examined overconcentration, excessive trading and unsuitable variable annuity recommendations.

As a resource for firms to strengthen their compliance programs, the Report included examples of sound supervisory practices. For example, some firms implemented controls restricting or implementing a “hard block” prohibiting recommendations of products for certain investors. Other firms required training in high risk or complex products prior to allowing its sales force to recommend the investment. Emphasizing the importance of using technology and basic communication techniques, certain firms developed parameters for trading volume and cost to identify and prevent excessive trading, and some firms made telephone calls or sent detailed activity letters to customers whose accounts breached the firm’s trading thresholds.

This year FINRA conducted a targeted examination of Volatility-Linked Products to assess firms’ supervision of suitability obligations to retail customers.4 The Report identified specific comprehensive controls seen at some firms, such as stringent pre-qualification criteria. The Report also raised a warning about inadequate practices observed regarding suitability, due diligence and systems and controls.

In conducting examinations to assess firms’ compliance with these new rules, the Report identified several challenges, including: failure to enter complete information into the firm’s systems, inadequate disclosures for trades conducted on an agency basis, failure to provide discloses for structured notes, incorrect designation of institutional accounts, and improper security-specific hyperlinks. One concept that ranged across several deficiencies is the “percentage of prevailing market price” (PMP). Disclosed mark-ups and mark-downs must be expressed as both a total dollar amount for the transaction and a PMP. The Report found inaccurate disclosures because of firms’ improper adjustments to PMP of the brokers’ sales credit from the mark-up and vendors’ failure to identify the correct PMP.

Reasonable Diligence for Private Placement

The Report discussed the best and inadequate practices in firms’ due diligence reviews required by reasonable basis suitability obligations for private placements. On the positive side, the Report found that firms that performed meaningful due diligence conducted independent research, verified information, identified red flags and created a due diligence committee. Firms that engaged in offerings involving issuers that were related to the firm created a diligence process that identified and mitigated the potential conflicts.

The Report reminded firms to document the “process and results” of their due diligence analysis. Among the insufficient due diligence findings were firms that conducted no reasonable due diligence, over-relied on third parties to prepare the due diligence without evaluation or attention to red flags, and used conflicted third-party due diligence associated with the issuers.

Abuse of Authority

Certain trading relationships, such as discretionary trading7 or Powers of Attorney, allow brokers to act on their customers’ authority. FINRA examined how firms’ implement appropriate controls to manage the risks, such as unsuitable or excessive trading, associated with these roles. The Report found that some firms implemented reasonable controls, for example, through established automated systems to detect excessive trading. Others used regular attestations from brokers or customers to confirm the relationship.

The Report identified situations where firms or brokers exposed its investors to risks or did not implement reasonable controls to mitigate the risks. The Report commented on brokers who exercised control in investors’ accounts without the investors’ written authorization, or after that authority had expired. Certain brokers mismarked order tickets to obscure the lack of trading authority and others made false statements on their firms’ compliance questionnaires. Always concerned about senior investors, FINRA warned of brokers who convinced senior citizens to name them as trustees or beneficiaries in their accounts.

Additional Observations

The Report also mentioned ten subject areas.

Anti-Money Laundering

FINRA Rule 33108 the Bank Secrecy Act (BSA)9 and US Department of the Treasury regulations specify firms’ obligations in anti-money laundering compliance. Among the Treasury regulations, FinCEN’s Customer Due Diligence (CDD) rule went into effect on May 11, requiring that firms identify beneficial owners, understand the nature and purpose of customer accounts, conduct ongoing monitoring of customer accounts to identify and report suspicious transactions, and update customer information on a risk related basis.

The Report found inadequacies in some firms’ overall AML program and specifically three areas of concern:

The Report noted increased trading within firms by foreign entities in similar low-float and low-priced securities. Firms failed to question the commonality of ownership status of these foreign legal entity accounts.

Some firms failed to document decisions whether or not to file Suspicious Activity Reports (SARs) or used exception reports that did not document reviews into potentially suspicious activity.

Other firms failed to comply with Section 314(a) of the USA PATRIOT Act10, and did not conduct reviews of FinCEN’s Secure Information Sharing System (SISS).

Accuracy of Net Capital Computations

The Report found that certain firms maintained insufficient documentation regarding expense-sharing agreements when third parties agreed to assume responsibility for payment of the firms’ expenses. Other firms applied incorrect haircuts to certain securities or miscalculated operational charges in calculating its net capital under Securities Exchange Act Rule 15c3-1.11

Liquidity

FINRA Regulatory Notice 15-3312 describes the requirements for firms’ liquidity risk management program. The Report identified that some firms’ stress test analyses were limited to a single-time horizon while other firms failed to incorporate the results of the stress test into their business models.

Segregation of Client Assets

The Report identified lapses in compliance with aspects of Securities Exchange Act Rule 15c3-3.13 The Report noted that firms should be more diligent in timely forwarding customer checks to their clearing firms. Some firms improperly used customer “fully paid for” or excess-margin securities to fund their operations and some firms incorrectly calculated its reserve formula requirements.

Operations Professional Registration

FINRA Rule 1230 (Associated Persons Exempt from Registration)14 and FINRA Regulatory Notice 11-3315 state that certain firm personnel engaged in “back office” covered functions must qualify and register as Operations Professionals.16 The Report identified that some firms continue to allow unregistered employees to engage in activities that require registrations, for example approving general leger journal entries, supervising financial functions and approving business requirements.

DBAs and Communications With the Public

The Report found that some brokers used a “doing business as” or “DBA” name, to conceal outside business activities that were not disclosed as FINRA Rule 3270 (Outside Business Activities of Registered Persons).19 The Report observed that some firms did not maintain reasonable supervision over the use of DBA names, including in its compliance with FINRA Rule 2210 (Communications with the Public).20 Some brokers’ retail communications and firm correspondence included the brokers’ DBA name but not the firm’s name or that the securities were offered through the firm. Other brokers’ websites failed to contain an appropriate link or reference to FINRA’s BrokerCheck.

Best Execution

FINRA Rule 5310 (Best Execution and Interpositioning)21 lays out the obligations for best execution in equities, options and fixed income securities trading. Examples of challenges the Report identified in 2018 were failing to assess the execution quality of competing markets, failing to review order types and failing to evaluate required factors such as speed of execution, price improvement and the likelihood of execution of limit orders.

TRACE Reporting

FINRA Rule 6700 Series (Trade Reporting and Compliance Engine (TRACE)22 states the requirements for transaction reporting, including the requirement implemented in 2017 to report on certain Treasury transactions. The Report found that some firms failed to have reasonable supervisory systems to address TRACE reporting. The Report identified late and inaccurate reporting as well as a failure to have a system to determine if a transaction is TRACE eligible.

Market Access Controls

A firm that provides or uses market access must comply with Securities Exchange Act Rule 15c3-5 (Market Access Rule).23 In its examination of this provision, the Report found that some firms face difficulties with intra-day adjustment of pre-trade financial thresholds and oversight of third-party vendors.

Conclusion

Upon joining, FINRA’s president and chief executive officer, Robert Cook embarked on a 360 listening tour. The Report accomplishes two of his stated goals as a result of that tour: increased transparency and providing member firms better tools to improve their regulatory compliance.